Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 08.02.2018 Uruchomiony przez Qubczyk (09-02-2018 20:51:46) Uruchomiony z C:\Users\Qubczyk\Desktop\FRST64 Windows 7 Ultimate Service Pack 1 (X64) (2014-08-25 15:21:41) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-817834129-3643686830-2580109843-500 - Administrator - Disabled) Gość (S-1-5-21-817834129-3643686830-2580109843-501 - Limited - Disabled) Madziara (S-1-5-21-817834129-3643686830-2580109843-1002 - Administrator - Enabled) => C:\Users\Madziara Qubczyk (S-1-5-21-817834129-3643686830-2580109843-1000 - Administrator - Enabled) => C:\Users\Qubczyk ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-817834129-3643686830-2580109843-1000\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.198 - Adobe Systems Incorporated) Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.161 - Adobe Systems Incorporated) Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated) Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 7.0 - PainteR) AMD Catalyst Install Manager (HKLM\...\{B858CA94-FAA0-3663-01AE-0B0798C61657}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.) AMD OverDrive (HKLM-x32\...\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Advanced Micro Devices, Inc.) Big English Level 3 Offline eText (HKLM-x32\...\xxxxxxxxxxxxx-Pearson) (Version: - Pearson Education) Brother MFL-Pro Suite DCP-J552DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform) ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl) Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B922902F-E9E9-4AD9-B87D-7F62FA9EA1AD}) (Version: 15.2.0.661 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B922902F-E9E9-4AD9-B87D-7F62FA9EA1AD}) (Version: 15.2.661 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{E3B264CE-D9CF-448B-960F-4F832FB1F990}) (Version: 15.2.661 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Capture (HKLM-x32\...\{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}) (Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Common (HKLM-x32\...\{CA3861BA-1D96-4D66-B577-318E1602C4F3}) (Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Connect (HKLM-x32\...\{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}) (Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Custom Data (HKLM-x32\...\{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}) (Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Draw (HKLM-x32\...\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}) (Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - EN (HKLM-x32\...\{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}) (Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Filters (HKLM-x32\...\{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}) (Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - FontNav (HKLM-x32\...\{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}) (Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - IPM (HKLM-x32\...\{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}) (Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - PHOTO-PAINT (HKLM-x32\...\{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}) (Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Photozoom Plugin (HKLM-x32\...\{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Redist (HKLM-x32\...\{59123CCF-FED2-46FF-9293-D1DC80042219}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Setup Files (HKLM-x32\...\{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VBA (HKLM-x32\...\{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}) (Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VideoBrowser (HKLM-x32\...\{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}) (Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VSTA (HKLM-x32\...\{260ED378-2B8C-4831-ADAE-D0712D119AC5}) (Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - WT (HKLM-x32\...\{9244E956-5939-4B88-930C-0699D4AB2B95}) (Version: 15.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 (HKLM-x32\...\{B399C91E-96F2-4265-9884-1C9A10E9FCF4}) (Version: 15.2 - Corel Corporation) Hidden CorelDRAW(R) Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.661 - Corel Corporation) CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CWK (Czasowy Wyłącznik Komputera) (HKLM-x32\...\CWK) (Version: 2.52.3.43 - Damian Pasternak) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform) DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - ) e-Deklaracje Desktop (HKLM-x32\...\{F492A2EF-2040-B9F6-8FB0-7B8CE9CC043B}) (Version: 9.0.4 - Ministerstwo Finansow) Hidden e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 9.0.4 - Ministerstwo Finansow) Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) FastStone Image Viewer 5.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft) Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.39.707 - Digital Wave Ltd) Free Video Editor (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.54.606 - Digital Wave Ltd) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Java(TM) 6 Update 23 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.230 - Oracle) K-Lite Codec Pack 10.6.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - ) LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics) LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics) Malwarebytes (wersja 3.3.1.2183) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Mozilla Firefox 58.0.1 (x64 pl) (HKLM\...\Mozilla Firefox 58.0.1 (x64 pl)) (Version: 58.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.1.6602 - Mozilla) Mozilla Thunderbird 31.6.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 pl)) (Version: 31.6.0 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.17.0 - NEC Electronics Corporation) Hidden NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.17.0 - NEC Electronics Corporation) Nero Burning ROM 2014 (HKLM-x32\...\{B0E4ACBC-4CFA-4B6D-9B7B-E13C171BCC23}) (Version: 15.0.05300 - Nero AG) Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG) Opanda IExif 2.3 (HKLM-x32\...\Opanda IExif_is1) (Version: 2.3 - Opanda Studio) PDF Settings CC (HKLM-x32\...\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}) (Version: 12.0 - Adobe Systems Incorporated) Hidden Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation) PIT Format 2016 (HKLM-x32\...\PIT Format 2016_is1) (Version: - Biuro Informatyki Stosowanej FORMAT) Prerequisite installer (HKLM-x32\...\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}) (Version: 15.0.0005 - Nero AG) Hidden ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation) RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software) Spotify (HKU\S-1-5-21-817834129-3643686830-2580109843-1000\...\Spotify) (Version: 1.0.73.345.g6c9971ef - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Sweet Home 3D version 5.4 (HKLM\...\Sweet Home 3D_is1) (Version: 5.4 - eTeks) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH) TP-LINK 150Mbps Wireless N USB Adapter Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) VSDC Free Video Editor version 5.7.7.702 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 5.7.7.702 - Flash-Integro LLC) Winamp (HKLM-x32\...\Winamp) (Version: 5.581 - Nullsoft, Inc) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) Windows Phone app for desktop (HKLM-x32\...\{99759E36-8961-43DC-A7E6-4601D6AEF166}) (Version: 1.1.2726.0 - Microsoft Corporation) WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-06-10] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-06-10] (Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-10-25] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-06-10] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-06-10] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {2B865131-ABD6-4B97-9937-F50FE290C137} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd) Task: {38F9E460-17C5-4062-965B-9C74E7E5472F} - System32\Tasks\AdobeAAMUpdater-1.0-Qubczyk-KOMP-Qubczyk => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated) Task: {5EF69D95-1C81-40DD-A2D2-C91C954BAE6B} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG) Task: {623D73A3-5C98-46CF-9B41-175133B8D2EE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-07] (Adobe Systems Incorporated) Task: {6782B795-391C-4528-9898-A1F165CD88AA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-09] (Piriform Ltd) Task: {C40E93BC-D9D0-4750-9FD8-1BA75B089335} - \QubczykMadEpiphenomenaV2 -> Brak pliku <==== UWAGA Task: {DA7D3969-D7E4-4AA7-801C-CDE6368A1D4F} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy Task: {EFCF0038-2CCD-4037-A99C-3AEDF07BC0FC} - \{F0BD03AE-ABD3-4787-9D06-39433E720985} -> Brak pliku <==== UWAGA Task: {FD4DB598-1C2B-4F91-9926-E69968286497} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2014-11-15 13:29 - 2014-11-15 13:29 - 000186760 _____ () C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe 2014-08-25 17:56 - 2007-09-02 12:58 - 000495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe 2011-10-25 20:29 - 2011-10-25 20:29 - 000369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2018-02-09 20:45 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-02-09 20:45 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-07-24 16:29 - 2017-05-16 20:49 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2017-07-24 16:30 - 2016-11-22 14:17 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2017-07-24 16:30 - 2016-11-22 14:17 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2017-07-24 16:30 - 2016-11-22 14:17 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2014-08-25 17:56 - 2007-09-02 12:57 - 000069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll 2018-02-05 17:19 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2015-02-24 17:55 - 2015-02-24 17:55 - 000000828 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-817834129-3643686830-2580109843-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Qubczyk\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 31.11.202.254 - 37.8.214.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeBridge => MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: BrHelp => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Qubczyk\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{DA960160-A5B8-4FD6-917E-EE7319E5B158}] => (Allow) C:\Users\Qubczyk\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{EE47DBB6-C1CC-43FA-BEB7-BE8E655AC2C3}] => (Allow) C:\Users\Qubczyk\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{799A8A5D-B7D4-4B9F-B447-8CA5DE75628A}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{1905E38F-79D4-4BB6-ABA0-738F50B07EC2}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [TCP Query User{C9E9DFD0-5E67-4C32-A621-0850831029E9}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe FirewallRules: [UDP Query User{2ADE37D6-8534-4A18-BCFC-4BF7228B0101}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe FirewallRules: [TCP Query User{79B252DA-43D4-46C2-80BD-175183923B53}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe FirewallRules: [UDP Query User{C607BFDD-8F21-449A-BE98-1EFCE200E4CB}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe FirewallRules: [{86C55D0B-FBAC-4382-B120-B2CEA0F1DD93}] => (Block) %ProgramFiles% (x86)\Photodex\ProShow Producer\proshow.exe FirewallRules: [{E911342E-53C1-4631-A65B-214C6940A2E4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{DD3A06BE-7C0F-4AD6-84CC-74A7BA36A6EE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D2FE4E9F-234B-485F-84C9-27D19B42AE39}] => (Allow) F:\Gry\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{8DBEE588-EB7C-4BD1-ADDA-0C058951DC05}] => (Allow) F:\Gry\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{9856D73C-BF33-482F-B06B-D46E95BA11B3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D4BBA9E9-BA10-42BB-8FF6-6978110FA509}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{9370A594-E8E3-4C11-809C-2DB261692496}C:\users\qubczyk\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\qubczyk\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{2BA40C19-001B-4026-8196-846C9DC0E604}C:\users\qubczyk\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\qubczyk\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{1DC2FF1A-BB35-4749-9256-3E83F81CD536}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{0D48C7F1-FF22-41C4-8D1E-03003946439C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{A21D130B-A5AB-4138-AE37-B5962BEC9038}C:\users\qubczyk\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\qubczyk\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{F0B995AA-33BE-4B04-8986-6FF1FBAAA5BD}C:\users\qubczyk\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\qubczyk\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{0560AF58-2692-420F-8A03-DB2A1892CDD2}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe FirewallRules: [UDP Query User{3C791571-B592-46AE-8E2F-9658D32DE657}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe FirewallRules: [{02CB83EF-64A1-4E1A-B046-4CC5E2F73647}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E33F15D4-E071-4C68-8E4A-D7076F769917}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C0312BAB-CCC9-43A3-BEBD-57CF18A71C93}] => (Allow) C:\Windows\System32\hasplms.exe FirewallRules: [{2DA2614C-5A95-4B0C-BC7B-D559DE301522}] => (Allow) C:\Windows\System32\hasplms.exe FirewallRules: [{9C984A82-24D7-4F17-83E2-08F2FDE7CB6F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{9311F117-56C5-4026-8F16-E2EFF77872A4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{D9F6E7B4-B225-4B8D-AAC5-CF81CEDB7135}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe FirewallRules: [{6CE1DF45-21C0-4AD0-8416-26E491495EB4}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe FirewallRules: [{A5006C2C-0B55-4ED8-BA81-5763FEED118B}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Activation.exe FirewallRules: [{B62574F8-E83B-42C8-81AF-9BED9105BF9D}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Activation.exe FirewallRules: [{B2AA7DA0-C691-4839-93FD-8A632E1C837F}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe FirewallRules: [{82992E76-3B21-4798-A3A1-2AB5A75812F5}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe FirewallRules: [{8DEEA292-9A6C-4E38-BAD1-0CA62C6D8081}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{B037B66E-F02C-4C61-A9BF-5C378A099F86}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{2014AFA3-EF74-42D8-857F-9B0C3EA32F25}] => (Allow) G:\Gry Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{7A263312-C998-4BA6-BDBB-6854D071A128}] => (Allow) G:\Gry Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe ==================== Punkty Przywracania systemu ========================= 09-02-2018 12:53:14 Zaplanowany punkt kontrolny 09-02-2018 20:40:07 Restore Point Created by FRST ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/09/2018 08:44:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (02/09/2018 08:43:16 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (02/09/2018 08:43:14 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (02/09/2018 08:43:14 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (02/09/2018 08:40:35 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: Jedno wystąpienie usługi już działa. . CodeIntegrity: =================================== Date: 2018-02-09 20:43:13.087 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: AMD Phenom(tm) II X6 1090T Processor Procent pamięci w użyciu: 38% Całkowita pamięć fizyczna: 8191.18 MB Dostępna pamięć fizyczna: 5007.46 MB Całkowita pamięć wirtualna: 16380.53 MB Dostępna pamięć wirtualna: 12372.29 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:111.69 GB) (Free:8.81 GB) NTFS Drive e: (cuda wianki) (Fixed) (Total:931.51 GB) (Free:177.08 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive f: () (Fixed) (Total:195.31 GB) (Free:25.75 GB) NTFS Drive g: () (Fixed) (Total:400.39 GB) (Free:43.04 GB) NTFS Drive h: () (Fixed) (Total:335.81 GB) (Free:49.13 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 0A24509B) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DAE28A87) Partition 1: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=400.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=335.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E5A762AF) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================